AMENDMENTS TO THE CLAIMS 

1. (Currently Amended) A method for dynamically tracking a user session 
in order to authenticate and authorize a computer user, the method comprising the 
steps of: 

a. storing security information for a plurality of computer users in a user 
profile database; 

b. receiving at an authorization server coupled with the user profile 
database login information from the computer user who has launched a computer 
application; 

c. in response to step b, creating a Session ID for the computer user with 
the authorization server; 

d. storing at least a portion of the Session ID on the user's computer; 

e. also in response to step b, creating an object associated with the 
computer user or the Session ID; 

f. storing the object dynamically in a directory stored in a directory server 
coupled with the authorization server; 

g. copying at least some of the security information relating to the 
computer user from the user profile database to the object in the directory; 

h. comparing the log-in information entered by the computer user to the 
security information for the computer user and allowing the computer user access to 
the launched computer application if the user is an authenticated or authorized user of 
the computer application; and

i. permitting other computer applications launched by the computer user to 
reference the Session ID on the user's computer so that; and

j. the other computer applications may access accessing the object for the
computer user on the directory server to authenticate or authorize the user for the other
computer applications without requiring the user to reenter the log in information.

2. (Original) The method as set forth in claim 1, the security information 
including authentication and authorization information.

3. (Original) The method as set forth in claim 2, the authentication and 
authorization information including at least one of the following: user names, user 
IDs, passwords, public-key data, certificates, and access control information. 

4. (Previously Presented) The method as set forth in claim 1, the Session 
ID being based on at least one of the following: a date on which the computer user 
launched the computer application; a time in which the computer user launched the 
computer application; a TCP/IP address of the computer user; and a user name of the 
computer user. 

5. (Original) The method as set forth in claim 1, further including the steps 
of creating a shopping cart and storing the shopping cart along with the object in the 
directory. 

6. (Original) The method as set forth in claim 5, further including the steps 
of allowing the user to select items to be purchased and storing information relating to 
the selected items in the shopping cart. 

7. (Currently Amended) A system for dynamically tracking a user session 
in order to authenticate and authorize a computer user, the system comprising: 

a user profile database for storing security information for a plurality of 
computer users; 

an authorization server coupled with the user profile database for receiving 
log-in information from a computer user who has launched a computer application, for 
creating a Session ID for the computer user, for storing at least a portion of the Session
ID on the user's computer and for creating an object associated with the computer user 
or the Session ID; and 

a directory stored in a directory server coupled with the authorization server 
for dynamically storing the object created by the authorization server,

the authorization server being further operable for copying at least some of 
the security information relating to the computer user from the user profile database to 
the object in the directory, comparing log-in information entered by the computer user
to the security information for the computer user and allowing the computer user 
access to the launched computer application if the user is an authenticated or 
authorized user of the computer application, 

the directory server permitting other computer applications launched by the 
computer user to reference the Session ID on the user's computer so that the other 
computer applications may access the object for the computer user on the directory 
server to authenticate or authorize the user for the other computer applications without 
requiring the user to reenter the log in information.

8. (Original) The system as set forth in claim 7, the security information 
including authentication and authorization information. 

9. (Original) The system as set forth in claim 8, the authentication and 
authorization information including at least one of the following: user names, user 
IDs, passwords, public-key data, certificates, and access control information. 

10. (Previously Presented) The system as set forth in claim 7, the Session 
ID being based on at least one of the following: a date on which the computer user 
launched the computer application; a time in which the computer user launched the 
computer application; a TCP/IP address of the computer user; and a user name of the 
computer user. 

11. (Previously Presented) The system as set forth in claim 7, the
authorization directory server being further operable for creating a shopping cart and 
storing the shopping cart along with the object in the directory. 

12. (Previously Presented) The system as set forth in claim 11, the
authorization directory server being further operable for allowing the user to select 
items to be purchased and storing information relating to the selected items in the 
shopping cart. 

13-20. (Canceled) 

21. (New) The method as set forth in claim 1 5 wherein the other computer 
applications access the object on the directory server using a dynamic directory 
service. 

22. (New) The method as set forth in claim 21, wherein the dynamic 
directory service comprises the lightweight directory access protocol (LDAP). 

23. (New) The method as set forth in claim 21, wherein the dynamic 
directory service comprises the X.500 access protocol. 

24. (New) The system as set forth in claim 1, wherein the other computer 
applications access the object on the directory server using a dynamic directory 
service. 

25. (New) The system as set forth in claim 21, wherein the dynamic 
directory service comprises the lightweight directory access protocol (LDAP). 

26. (New) The system as set forth in claim 21, wherein the dynamic 
directory service comprises the X.500 access protocol. 